C1841 router vpn setup issue - Cisco Community

649

Views

0

Helpful

2

Replies

Hi,

I have issue with setting up c1841 router for vpn access. Below config is extracted from the running-config. Please also find attahed the debug log output.

crypto isakmp client configuration group vpn-group

key 128382671

dns 200.xx.xx.xxx

domain group.com

pool vpnpool

!

crypto ipsec security-association lifetime seconds 180

!

crypto ipsec transform-set myset ah-sha-hmac esp-des esp-md5-hmac

crypto ipsec transform-set yourset ah-md5-hmac esp-3des comp-lzs

!

crypto dynamic-map DYNMAP 10

set transform-set myset yourset

match address 101

reverse-route

!

!

crypto map CLIENTMAP local-address FastEthernet0/1

crypto map CLIENTMAP client authentication list AUTHEN-LIST

crypto map CLIENTMAP isakmp authorization list AUTHEN-LIST

crypto map CLIENTMAP client configuration address respond

crypto map CLIENTMAP 10 ipsec-isakmp dynamic DYNMAP

!

Best Regards,

Ruveni

2 Replies 2

Hi Mate ,

a few comments if you don't mind :

1- did you confgure an isakmp policy with DH group 2 .

2- why you are using an access-list under the dynamic crypto map .

is it possible to attach the full config of the router ? the debugs are showing that we are not going beyond IKE first message as the router refuses the proposals offered by the client .

hope that hsi helps .

Mohammad.

Hi Mate,

Am basically able to authenticate using cisco vpn client but does not indicate any connection.

Please find attached the running-config and the debug log...

Many Thanks,

Ruveni

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community